Privacy and Security Implications of Regulation of Digital Services in the EU and US

Mikolaj Barczentewicz

The goal of the project is to assess the data privacy and security implications of the “new wave” of legislation on digital services—both in the US and in the EU.

In the EU, the proposals for the Digital Services Act and the Digital Markets Act include provisions that have potentially significant security and privacy implications, like interoperability obligations for online platforms or provisions for data access for researchers. Similar provisions, e.g. on interoperability, are included in bills currently being considered by the US Congress (e.g. in the American Choice and Innovation Online Act sponsored by Rep. David Cicilline). Some stakeholders are advocating that the EU and US legislatures go even further than currently contemplated in the direction that could potentially have negative security and privacy consequences—especially on interoperability.

The purpose of the project will be to assess whether the proposed legislation in its current form adequately addresses potential privacy and security risks, and what changes in the proposed legislation might help to alleviate the risks.